PerimeterX Code Defender™
Protect your website from client-side supply chain attacks
PerimeterX Code Defender provides real-time visibility and granular control into the client-side supply chain attack surface, identifies vulnerabilities and anomalous behavior, and proactively mitigates risk.
Client-side JavaScript code is a significant blind spot for businesses because it runs on end users’ browsers, outside the protection of legacy security solutions like web application firewalls (WAFs). Malicious first-, third- and Nth-party JavaScript can modify page elements, insert fake checkout buttons or skim personally identifiable information (PII) from your website, including credit card numbers and passwords.
Code Defender runs 24/7/365 and provides robust real-time visibility into all scripts, all downstream dependencies and every action taken in users' browsers. It extends website security to the client side, freeing up application development teams to focus on innovation.
We wanted to find the anomalies and changes in our client-side scripts. The Code Defender behavioral analysis solution greatly simplifies this process.
Gain real-time visibility into first-, third- and Nth-party scripts and detect unauthorized PII access, data exfiltration events and known script vulnerabilities.
Provides granular control over legitimate JavaScript so you can block specific actions without blocking the entire script, enabling enforcement of PCI and compliance with privacy regulations. Complements CSP capabilities.
Gives full visibility into client-side scripts running in your environment, including how scripts interact with your site, which additional scripts they interact with, and exposure details.
Provides an actionable dashboard that offers an at-a-glance overview and helps teams quickly identify the high-risk PII, PCI, and vulnerability incidents that response teams should prioritize.
The PerimeterX research team conducts proactive research into new threats to identify vulnerable scripts, malicious domains and novel attack techniques. This research is used to continuously improve Code Defender detection and to provide actionable context on alerts.
The PerimeterX security team is available via multiple channels to help you investigate security incidents and provide actionable insights. The team analyzes feedback loops from Code Defender to proactively mitigate client-side attacks and enable you to respond quickly to compliance and vulnerability incidents.
The PerimeterX Platform is a set of cloud-native infrastructure and services that powers an award-winning suite of application protection solutions. The solutions powered by the Platform protect online businesses against automated attacks and client-side threats, and improve operational efficiency. In addition to Code Defender, the Platform also powers PerimeterX Bot Defender, which stops automated bot attacks, and PerimeterX Credential Intelligence, which stops real-world credential stuffing attacks.
The PerimeterX Sensor collects activity signals from the client-side browser including interactions with the DOM, network domains and local storage. This information is sent to the cloud-based Detector for analysis. The Sensor does not collect any personal data from the browser.
The cloud-based Detector analyzes the client-side activity signals using advanced machine learning models to build a baseline profile for every first-, third- and Nth-party script running on the web page. The Detector flags any changes in script behavior or execution of new scripts and automatically generates alerts.
The out-of-band Enforcer works with your web server or CDN to automatically manage and enforce CSP rules. Updated with continuous intelligence from the Detector, the Enforcer ensures that the CSP prevents scripts from being loaded from unknown domains, and blocks malicious network communication on the client-side browser.